Learning More About YAML Deserialization

By Security Lit Limited. Published in InfoSec Write-ups, Jun 12, 2022 (4 min read).

Introduction

Deserialization attacks are quite popular when it comes to programming languages such as Java, Python, and Ruby. These flaws arise when a stream of data is deserialized directly, without any checks being performed first, and they can lead to remote code execution.
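To make "checks being performed first" concrete for YAML, here is an added example (not code from the original article) that uses Ruby's bundled Psych library to parse untrusted YAML so that only plain data is built and documents carrying class tags or aliases are refused. The `JobConfig` class, the `load_untrusted_yaml` helper and the sample documents are hypothetical and constructed for illustration.

```ruby
require "yaml"

# Hypothetical application class, defined only so the tagged sample below
# names a real constant.
class JobConfig
  attr_accessor :command
end

# Constructed sample inputs (not from the article).
PLAIN_DOC  = "name: nightly-backup\nretries: 3\n"
TAGGED_DOC = "--- !ruby/object:JobConfig\ncommand: placeholder\n"
ALIAS_DOC  = "base: &b {retries: 3}\njob: *b\n"

# Parse untrusted YAML with Psych's safe loader: only plain scalars, arrays
# and hashes are built; class tags, symbols and aliases are refused.
# A shape check then confirms the top level is a mapping.
# Returns [:ok, data] or [:rejected, reason].
def load_untrusted_yaml(text)
  data = YAML.safe_load(text, permitted_classes: [], aliases: false)
  return [:rejected, "top level must be a mapping"] unless data.is_a?(Hash)
  [:ok, data]
rescue Psych::DisallowedClass => e
  # Raised when the document asks for an object outside the allow-list.
  [:rejected, "disallowed class: #{e.message}"]
rescue Psych::BadAlias => e
  # Raised when the document uses anchors/aliases while aliases are off.
  [:rejected, "alias not permitted: #{e.message}"]
rescue Psych::SyntaxError => e
  [:rejected, "malformed YAML: #{e.message}"]
end

if __FILE__ == $PROGRAM_NAME
  [PLAIN_DOC, TAGGED_DOC, ALIAS_DOC].each do |doc|
    p load_untrusted_yaml(doc)
  end
end
```

If an application genuinely needs a custom type from YAML, list it explicitly in `permitted_classes:` rather than switching to an unrestricted loader.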
